New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache

Thread starter ccto
Start date Yesterday at 9:09 AM

C

ccto

Verified User

Yesterday at 9:09 AM

#1

Soon we will need to recompile every Apache / Nginx , ...

thehackernews.com

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

HTTP/2 Bomb exploits HPACK and flow control; a single client can hold 32GB memory in 20 seconds, causing server outages.

thehackernews.com

thehackernews.com

LawsHosting

Verified User

Yesterday at 9:46 AM

#2

....... and distroy AI

J

johannes

Verified User

Today at 8:33 AM

#3

I saw a post with this new attack vector a few days ago in litespeed discord channel. At least, Litespeed guys are already working on it.

You must log in or register to reply here.

Share:

Facebook X Bluesky LinkedIn Reddit Link

Top